
Superagent Security Tools

Superagent provides AI security guardrails including prompt injection detection, PII/PHI redaction, and claim verification against source materials.

Installation

npm install @superagent/ai-sdk

Environment Variables

SUPERAGENT_API_KEY=your-superagent-api-key

Available Tools

Tool               Description
superagentGuard    Detect prompt injection attacks
superagentRedact   Redact PII/PHI (SSNs, emails, phones)
superagentVerify   Verify claims against sources

Quick Start

import { Agent } from 'praisonai';
import { superagentGuard, superagentRedact, superagentVerify } from 'praisonai/tools';

const agent = new Agent({
  name: 'SecureAgent',
  instructions: 'Process text securely with security checks.',
  tools: [superagentGuard(), superagentRedact(), superagentVerify()],
});

const result = await agent.run('Check this text for security issues');
console.log(result.text);

Guard Tool (Prompt Injection Detection)

import { Agent } from 'praisonai';
import { superagentGuard } from 'praisonai/tools';

const guardTool = superagentGuard({
  // Sensitivity level
  sensitivity: 'high', // low, medium, high
  
  // Block or warn
  action: 'block', // block, warn
});

const agent = new Agent({
  name: 'GuardedAgent',
  tools: [guardTool],
});

Redact Tool (PII Removal)

import { Agent } from 'praisonai';
import { superagentRedact } from 'praisonai/tools';

const redactTool = superagentRedact({
  // Types of PII to redact
  redactTypes: [
    'ssn',
    'email',
    'phone',
    'credit_card',
    'address',
    'name',
  ],
  
  // Replacement style
  replacement: 'mask', // mask, remove, placeholder
});

const agent = new Agent({
  name: 'PrivacyAgent',
  tools: [redactTool],
});

Verify Tool (Claim Verification)

import { Agent } from 'praisonai';
import { superagentVerify } from 'praisonai/tools';

const verifyTool = superagentVerify({
  // Verification strictness
  strictness: 'medium', // low, medium, high
  
  // Require sources
  requireSources: true,
});

const agent = new Agent({
  name: 'FactChecker',
  tools: [verifyTool],
});

Advanced Example

import { Agent } from 'praisonai';
import { superagentGuard, superagentRedact, superagentVerify } from 'praisonai/tools';

const agent = new Agent({
  name: 'SecureProcessor',
  instructions: `You are a secure text processor.
    1. First check for prompt injection
    2. Redact any PII
    3. Verify any claims made`,
  tools: [
    superagentGuard({ sensitivity: 'high' }),
    superagentRedact({ redactTypes: ['ssn', 'email', 'phone'] }),
    superagentVerify({ strictness: 'medium' }),
  ],
});

const result = await agent.run(`
  Process this text:
  "John Smith (SSN: 123-45-6789) claims that AI will replace 50% of jobs by 2030.
  Contact him at [email protected] or 555-123-4567."
`);
console.log(result.text);

Response Formats

Guard Result

interface GuardResult {
  safe: boolean;
  threats: Array<{
    type: string;
    severity: 'low' | 'medium' | 'high';
    description: string;
  }>;
  action: 'allowed' | 'blocked' | 'warned';
}

Redact Result

interface RedactResult {
  redactedText: string;
  redactions: Array<{
    type: string;
    original: string;
    replacement: string;
    position: { start: number; end: number };
  }>;
}

Verify Result

interface VerifyResult {
  verified: boolean;
  claims: Array<{
    claim: string;
    status: 'verified' | 'unverified' | 'false';
    sources?: string[];
    confidence: number;
  }>;
}

Best Practices

  1. Layer security - Use guard before processing user input
  2. Redact early - Remove PII before storing or processing
  3. Verify claims - Check factual statements against sources
  4. Log securely - Don't write the original values that were redacted to logs; keep only the redacted text and redaction metadata
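The layering and log-hygiene practices above, applied to the GuardResult and RedactResult shapes documented under Response Formats, as an added example that is not part of the PraisonAI or Superagent code. The tool calls are stood in for by constructed sample results, and processSecurely, auditIsLogSafe and the sample constants are hypothetical names.

```typescript
// Added example (not PraisonAI or Superagent code): guard first, redact before anything
// is stored, and log only metadata, using the GuardResult/RedactResult shapes documented above.
type Severity = 'low' | 'medium' | 'high';
interface GuardResult {
  safe: boolean;
  threats: Array<{ type: string; severity: Severity; description: string }>;
  action: 'allowed' | 'blocked' | 'warned';
}
interface RedactResult {
  redactedText: string;
  redactions: Array<{ type: string; original: string; replacement: string;
                      position: { start: number; end: number } }>;
}
// What may reach the logs: threat and redaction metadata, never an original value.
interface AuditRecord {
  decision: 'blocked' | 'processed';
  threats: Array<{ type: string; severity: Severity }>;
  redactions: Array<{ type: string; start: number; end: number }>;
}

// `redact` is a thunk so the redactor only runs if the guard lets the text through.
function processSecurely(guard: GuardResult, redact: () => RedactResult): { text: string | null; audit: AuditRecord } {
  const threats = guard.threats.map(t => ({ type: t.type, severity: t.severity }));
  // Step 1: guard. A 'blocked' action stops here; 'warned' continues but is recorded in the audit.
  if (!guard.safe && guard.action === 'blocked') {
    return { text: null, audit: { decision: 'blocked', threats, redactions: [] } };
  }
  // Step 2: redact before the text is stored or handed to the next step.
  const r = redact();
  // Step 3: keep type and position of each redaction; drop `original` and `replacement`.
  const redactions = r.redactions.map(x => ({ type: x.type, start: x.position.start, end: x.position.end }));
  return { text: r.redactedText, audit: { decision: 'processed', threats, redactions } };
}

// True when no pre-redaction value appears anywhere in the serialized audit record.
function auditIsLogSafe(audit: AuditRecord, r: RedactResult): boolean {
  const serialized = JSON.stringify(audit);
  return r.redactions.every(x => !serialized.includes(x.original));
}
// Constructed sample results (hypothetical, not real Superagent output) for the Advanced Example text.
const sampleGuard: GuardResult = { safe: true, threats: [], action: 'allowed' };
const sampleRedact: RedactResult = {
  redactedText: 'John Smith (SSN: ***-**-****) claims that AI will replace 50% of jobs by 2030.',
  redactions: [{ type: 'ssn', original: '123-45-6789', replacement: '***-**-****', position: { start: 17, end: 28 } }],
};
const blockedGuard: GuardResult = {
  safe: false, action: 'blocked',
  threats: [{ type: 'prompt_injection', severity: 'high', description: 'instructions embedded in input' }],
};
```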

Related Tools

  • Tavily - Web search for verification
  • Exa - Source finding